coverme-scanner 4.0.2 → 4.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/index.js +17 -1
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/init.d.ts.map +1 -1
- package/dist/cli/init.js +34 -547
- package/dist/cli/init.js.map +1 -1
- package/dist/prompts/coverme-command.md +6 -31
- package/package.json +1 -1
package/dist/cli/index.js
CHANGED
|
@@ -12,7 +12,23 @@ const program = new commander_1.Command();
|
|
|
12
12
|
program
|
|
13
13
|
.name('coverme')
|
|
14
14
|
.description('AI-powered code scanner with multi-agent verification for Claude Code')
|
|
15
|
-
.version(pkg.version)
|
|
15
|
+
.version(pkg.version)
|
|
16
|
+
.argument('[input]', 'Input JSON file (for direct PDF generation)')
|
|
17
|
+
.argument('[output]', 'Output PDF file')
|
|
18
|
+
.action(async (input, output) => {
|
|
19
|
+
// Direct mode: coverme scan.json report.pdf
|
|
20
|
+
if (input && input.endsWith('.json')) {
|
|
21
|
+
const outputPath = output || input.replace('.json', '.pdf');
|
|
22
|
+
console.log(`Generating PDF from ${input}...`);
|
|
23
|
+
await (0, index_js_1.generateReport)(input, outputPath, 'pdf');
|
|
24
|
+
console.log(`Report saved to: ${outputPath}`);
|
|
25
|
+
return;
|
|
26
|
+
}
|
|
27
|
+
// If no args or not json, show help
|
|
28
|
+
if (!input) {
|
|
29
|
+
program.help();
|
|
30
|
+
}
|
|
31
|
+
});
|
|
16
32
|
program
|
|
17
33
|
.command('init')
|
|
18
34
|
.description('Install vibecode slash commands into .claude/commands/')
|
package/dist/cli/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";;;AAEA,yCAAoC;AACpC,uCAAiC;AACjC,uCAAiC;AACjC,iDAAoD;AACpD,2BAAsF;AACtF,+BAA4B;AAE5B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;AAE3F,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,SAAS,CAAC;KACf,WAAW,CAAC,uEAAuE,CAAC;KACpF,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AAExB,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wDAAwD,CAAC;KACrE,MAAM,CAAC,cAAc,EAAE,yCAAyC,CAAC;KACjE,MAAM,CAAC,aAAa,EAAE,qCAAqC,CAAC;KAC5D,MAAM,CAAC,cAAI,CAAC,CAAC;AAEhB,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,gDAAgD,CAAC;KAC7D,QAAQ,CAAC,QAAQ,EAAE,cAAc,EAAE,GAAG,CAAC;KACvC,MAAM,CAAC,uBAAuB,EAAE,oCAAoC,EAAE,KAAK,CAAC;KAC5E,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,CAAC;KACtD,MAAM,CAAC,yBAAyB,EAAE,qDAAqD,EAAE,KAAK,CAAC;KAC/F,MAAM,CAAC,wBAAwB,EAAE,iDAAiD,EAAE,KAAK,CAAC;KAC1F,MAAM,CAAC,eAAe,EAAE,gBAAgB,CAAC;KACzC,MAAM,CAAC,sBAAsB,EAAE,2BAA2B,EAAE,GAAG,CAAC;KAChE,MAAM,CAAC,cAAI,CAAC,CAAC;AAEhB,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,4CAA4C,CAAC;KACzD,QAAQ,CAAC,aAAa,EAAE,+DAA+D,CAAC;KACxF,MAAM,CAAC,qBAAqB,EAAE,kBAAkB,CAAC;KACjD,MAAM,CAAC,uBAAuB,EAAE,4BAA4B,EAAE,MAAM,CAAC;KACrE,MAAM,CAAC,KAAK,EAAE,QAA4B,EAAE,OAA6C,EAAE,EAAE;IAC5F,IAAI,UAAU,GAAG,QAAQ,CAAC;IAE1B,wCAAwC;IACxC,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;QAEnD,sBAAsB;QACtB,MAAM,WAAW,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,WAAW,CAAC,CAAC;QAClD,IAAI,IAAA,eAAU,EAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,UAAU,GAAG,WAAW,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,kBAAkB,UAAU,EAAE,CAAC,CAAC;QAC9C,CAAC;aAAM,CAAC;YACN,wCAAwC;YACxC,IAAI,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;gBAC3B,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,CAAC,UAAU,CAAC;qBAChD,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;qBACnE,IAAI,EAAE;qBACN,OAAO,EAAE,CAAC;gBAEb,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,UAAU,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;oBACxC,OAAO,CAAC,GAAG,CAAC,kBAAkB,UAAU,EAAE,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;YACxC,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YAC7D,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;YACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAmB,CAAC;IAC7E,MAAM,IAAA,yBAAc,EAAC,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAC3D,CAAC,CAAC,CAAC;AAEL,4BAA4B;AAC5B,MAAM,QAAQ,GAAG,OAAO;KACrB,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,sBAAsB,CAAC,CAAC;AAEvC,QAAQ;KACL,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,wBAAwB,CAAC;KACrC,QAAQ,CAAC,QAAQ,EAAE,2BAA2B,CAAC;KAC/C,QAAQ,CAAC,QAAQ,EAAE,0BAA0B,CAAC;KAC9C,MAAM,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,EAAE;IACrC,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IAEnD,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,IAAA,cAAS,EAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,MAAM,GAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IACjC,IAAI,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;QACvD,IAAI,CAAC,MAAM,CAAC,MAAM;YAAE,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC;IACzC,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,IAAA,kBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,GAAG,CAAC,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;AAC/B,CAAC,CAAC,CAAC;AAEL,QAAQ;KACL,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,GAAG,EAAE;IACX,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;IAClE,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,yFAAyF,CAAC,CAAC;QACvG,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,yFAAyF,CAAC,CAAC;QACvG,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,KAAU,EAAE,CAAS,EAAE,EAAE;QAC9C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QACzC,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEL,QAAQ;KACL,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,uBAAuB,CAAC;KACpC,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,CAAC;KAC1C,MAAM,CAAC,CAAC,IAAY,EAAE,EAAE;IACvB,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;IAClE,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QACtC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7F,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,UAAU,IAAI,aAAa,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,IAAA,kBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;AACjD,CAAC,CAAC,CAAC;AAEL,gCAAgC;AAChC,MAAM,SAAS,GAAG,OAAO;KACtB,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,sDAAsD,CAAC,CAAC;AAEvE,SAAS;KACN,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,+CAA+C,CAAC;KAC5D,MAAM,CAAC,mBAAmB,EAAE,kCAAkC,CAAC;KAC/D,MAAM,CAAC,mBAAmB,EAAE,UAAU,EAAE,IAAI,CAAC;KAC7C,MAAM,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;KACrD,MAAM,CAAC,mBAAmB,EAAE,8CAA8C,CAAC;KAC3E,MAAM,CAAC,CAAC,OAAsE,EAAE,EAAE;IACjF,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,cAAc,CAAC,CAAC;IAEpD,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,IAAA,cAAS,EAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,MAAM,GAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC;IACvC,IAAI,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;QACvD,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,MAAM,CAAC,YAAY,GAAG,EAAE,CAAC;IACrD,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,kEAAkE,CAAC,CAAC;QAChF,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAC;QACjF,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;QAC/E,OAAO,CAAC,GAAG,CAAC,+FAA+F,CAAC,CAAC;QAC7G,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAE9D,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACxC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,GAAQ,EAAE,CAAS,EAAE,EAAE;gBAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAClE,CAAC,CAAC,CAAC;QACL,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC;IAEvF,iCAAiC;IACjC,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;IAEjF,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC;QACvB,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC;QACpC,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,IAAI;QAC5B,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KAClC,CAAC,CAAC;IAEH,IAAA,kBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,wBAAwB,OAAO,GAAG,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,WAAW,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,WAAW,OAAO,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;IAC/C,IAAI,OAAO,CAAC,GAAG;QAAE,OAAO,CAAC,GAAG,CAAC,UAAU,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,qBAAqB,OAAO,EAAE,CAAC,CAAC;IAC5C,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,uBAAuB,OAAO,EAAE,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC;AAEL,SAAS;KACN,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,8BAA8B,CAAC;KAC3C,MAAM,CAAC,GAAG,EAAE;IACX,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,cAAc,CAAC,CAAC;IAEnE,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,oEAAoE,CAAC,CAAC;QAClF,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAE7D,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;IAC5C,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,GAAQ,EAAE,CAAS,EAAE,EAAE;QAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,cAAc,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;QAClD,IAAI,GAAG,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEL,SAAS;KACN,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,uBAAuB,CAAC;KACpC,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;KACtC,MAAM,CAAC,CAAC,IAAY,EAAE,EAAE;IACvB,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,cAAc,CAAC,CAAC;IAEnE,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IAEnG,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,IAAI,aAAa,CAAC,CAAC;QACjD,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACtD,IAAA,kBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,wBAAwB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;AACvD,CAAC,CAAC,CAAC;AAEL,OAAO,CAAC,KAAK,EAAE,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";;;AAEA,yCAAoC;AACpC,uCAAiC;AACjC,uCAAiC;AACjC,iDAAoD;AACpD,2BAAsF;AACtF,+BAA4B;AAE5B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;AAE3F,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,SAAS,CAAC;KACf,WAAW,CAAC,uEAAuE,CAAC;KACpF,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;KACpB,QAAQ,CAAC,SAAS,EAAE,6CAA6C,CAAC;KAClE,QAAQ,CAAC,UAAU,EAAE,iBAAiB,CAAC;KACvC,MAAM,CAAC,KAAK,EAAE,KAAc,EAAE,MAAe,EAAE,EAAE;IAChD,4CAA4C;IAC5C,IAAI,KAAK,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,KAAK,CAAC,CAAC;QAC/C,MAAM,IAAA,yBAAc,EAAC,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,oBAAoB,UAAU,EAAE,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IACD,oCAAoC;IACpC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,IAAI,EAAE,CAAC;IACjB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wDAAwD,CAAC;KACrE,MAAM,CAAC,cAAc,EAAE,yCAAyC,CAAC;KACjE,MAAM,CAAC,aAAa,EAAE,qCAAqC,CAAC;KAC5D,MAAM,CAAC,cAAI,CAAC,CAAC;AAEhB,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,gDAAgD,CAAC;KAC7D,QAAQ,CAAC,QAAQ,EAAE,cAAc,EAAE,GAAG,CAAC;KACvC,MAAM,CAAC,uBAAuB,EAAE,oCAAoC,EAAE,KAAK,CAAC;KAC5E,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,CAAC;KACtD,MAAM,CAAC,yBAAyB,EAAE,qDAAqD,EAAE,KAAK,CAAC;KAC/F,MAAM,CAAC,wBAAwB,EAAE,iDAAiD,EAAE,KAAK,CAAC;KAC1F,MAAM,CAAC,eAAe,EAAE,gBAAgB,CAAC;KACzC,MAAM,CAAC,sBAAsB,EAAE,2BAA2B,EAAE,GAAG,CAAC;KAChE,MAAM,CAAC,cAAI,CAAC,CAAC;AAEhB,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,4CAA4C,CAAC;KACzD,QAAQ,CAAC,aAAa,EAAE,+DAA+D,CAAC;KACxF,MAAM,CAAC,qBAAqB,EAAE,kBAAkB,CAAC;KACjD,MAAM,CAAC,uBAAuB,EAAE,4BAA4B,EAAE,MAAM,CAAC;KACrE,MAAM,CAAC,KAAK,EAAE,QAA4B,EAAE,OAA6C,EAAE,EAAE;IAC5F,IAAI,UAAU,GAAG,QAAQ,CAAC;IAE1B,wCAAwC;IACxC,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;QAEnD,sBAAsB;QACtB,MAAM,WAAW,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,WAAW,CAAC,CAAC;QAClD,IAAI,IAAA,eAAU,EAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,UAAU,GAAG,WAAW,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,kBAAkB,UAAU,EAAE,CAAC,CAAC;QAC9C,CAAC;aAAM,CAAC;YACN,wCAAwC;YACxC,IAAI,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;gBAC3B,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,CAAC,UAAU,CAAC;qBAChD,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;qBACnE,IAAI,EAAE;qBACN,OAAO,EAAE,CAAC;gBAEb,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,UAAU,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;oBACxC,OAAO,CAAC,GAAG,CAAC,kBAAkB,UAAU,EAAE,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;YACxC,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YAC7D,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;YACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAmB,CAAC;IAC7E,MAAM,IAAA,yBAAc,EAAC,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAC3D,CAAC,CAAC,CAAC;AAEL,4BAA4B;AAC5B,MAAM,QAAQ,GAAG,OAAO;KACrB,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,sBAAsB,CAAC,CAAC;AAEvC,QAAQ;KACL,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,wBAAwB,CAAC;KACrC,QAAQ,CAAC,QAAQ,EAAE,2BAA2B,CAAC;KAC/C,QAAQ,CAAC,QAAQ,EAAE,0BAA0B,CAAC;KAC9C,MAAM,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,EAAE;IACrC,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IAEnD,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,IAAA,cAAS,EAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,MAAM,GAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IACjC,IAAI,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;QACvD,IAAI,CAAC,MAAM,CAAC,MAAM;YAAE,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC;IACzC,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,IAAA,kBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,GAAG,CAAC,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;AAC/B,CAAC,CAAC,CAAC;AAEL,QAAQ;KACL,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,GAAG,EAAE;IACX,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;IAClE,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,yFAAyF,CAAC,CAAC;QACvG,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,yFAAyF,CAAC,CAAC;QACvG,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,KAAU,EAAE,CAAS,EAAE,EAAE;QAC9C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QACzC,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEL,QAAQ;KACL,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,uBAAuB,CAAC;KACpC,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,CAAC;KAC1C,MAAM,CAAC,CAAC,IAAY,EAAE,EAAE;IACvB,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;IAClE,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QACtC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7F,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,UAAU,IAAI,aAAa,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,IAAA,kBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;AACjD,CAAC,CAAC,CAAC;AAEL,gCAAgC;AAChC,MAAM,SAAS,GAAG,OAAO;KACtB,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,sDAAsD,CAAC,CAAC;AAEvE,SAAS;KACN,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,+CAA+C,CAAC;KAC5D,MAAM,CAAC,mBAAmB,EAAE,kCAAkC,CAAC;KAC/D,MAAM,CAAC,mBAAmB,EAAE,UAAU,EAAE,IAAI,CAAC;KAC7C,MAAM,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;KACrD,MAAM,CAAC,mBAAmB,EAAE,8CAA8C,CAAC;KAC3E,MAAM,CAAC,CAAC,OAAsE,EAAE,EAAE;IACjF,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,cAAc,CAAC,CAAC;IAEpD,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,IAAA,cAAS,EAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,MAAM,GAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC;IACvC,IAAI,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;QACvD,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,MAAM,CAAC,YAAY,GAAG,EAAE,CAAC;IACrD,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,kEAAkE,CAAC,CAAC;QAChF,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAC;QACjF,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;QAC/E,OAAO,CAAC,GAAG,CAAC,+FAA+F,CAAC,CAAC;QAC7G,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAE9D,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACxC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,GAAQ,EAAE,CAAS,EAAE,EAAE;gBAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAClE,CAAC,CAAC,CAAC;QACL,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC;IAEvF,iCAAiC;IACjC,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;IAEjF,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC;QACvB,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC;QACpC,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,IAAI;QAC5B,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KAClC,CAAC,CAAC;IAEH,IAAA,kBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,wBAAwB,OAAO,GAAG,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,WAAW,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,WAAW,OAAO,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;IAC/C,IAAI,OAAO,CAAC,GAAG;QAAE,OAAO,CAAC,GAAG,CAAC,UAAU,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,qBAAqB,OAAO,EAAE,CAAC,CAAC;IAC5C,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,uBAAuB,OAAO,EAAE,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC;AAEL,SAAS;KACN,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,8BAA8B,CAAC;KAC3C,MAAM,CAAC,GAAG,EAAE;IACX,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,cAAc,CAAC,CAAC;IAEnE,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,oEAAoE,CAAC,CAAC;QAClF,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAE7D,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;IAC5C,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,GAAQ,EAAE,CAAS,EAAE,EAAE;QAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,cAAc,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;QAClD,IAAI,GAAG,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEL,SAAS;KACN,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,uBAAuB,CAAC;KACpC,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;KACtC,MAAM,CAAC,CAAC,IAAY,EAAE,EAAE;IACvB,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,cAAc,CAAC,CAAC;IAEnE,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,iBAAY,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IAEnG,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,IAAI,aAAa,CAAC,CAAC;QACjD,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACtD,IAAA,kBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,wBAAwB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;AACvD,CAAC,CAAC,CAAC;AAEL,OAAO,CAAC,KAAK,EAAE,CAAC"}
|
package/dist/cli/init.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/cli/init.ts"],"names":[],"mappings":"AAIA,UAAU,WAAW;IACnB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;
|
|
1
|
+
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/cli/init.ts"],"names":[],"mappings":"AAIA,UAAU,WAAW;IACnB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CA+L9D"}
|
package/dist/cli/init.js
CHANGED
|
@@ -37,537 +37,11 @@ exports.init = init;
|
|
|
37
37
|
const fs = __importStar(require("fs"));
|
|
38
38
|
const path = __importStar(require("path"));
|
|
39
39
|
const os = __importStar(require("os"));
|
|
40
|
-
const SLASH_COMMAND = `# CoverMe - Ultimate AI Security Scanner
|
|
41
|
-
|
|
42
|
-
The most comprehensive AI-powered code scanner. 10 specialized agents + 3 validators + deep analysis.
|
|
43
|
-
|
|
44
|
-
$ARGUMENTS
|
|
45
|
-
|
|
46
|
-
## CRITICAL INSTRUCTIONS - READ FIRST!
|
|
47
|
-
|
|
48
|
-
1. **DO NOT ASK ANY QUESTIONS** - Run the entire scan autonomously from start to finish
|
|
49
|
-
2. **DO NOT STOP FOR CONFIRMATION** - Just keep going through all phases
|
|
50
|
-
3. **DO NOT ASK ABOUT FILE CHANGES** - Automatically update/overwrite scan.json
|
|
51
|
-
4. **DO NOT ASK TO OPEN REPORT** - Just open it automatically at the end
|
|
52
|
-
5. **COMPLETE EVERYTHING IN ONE GO** - All 5 phases without interruption
|
|
53
|
-
6. **RUN AGENTS IN BACKGROUND** - Use \`run_in_background: true\` for all Task tool calls
|
|
54
|
-
7. **RUN BASH IN BACKGROUND** - Use \`run_in_background: true\` for long Bash commands
|
|
55
|
-
|
|
56
|
-
Execute ALL phases automatically. Do NOT stop until the HTML report is open.
|
|
57
|
-
|
|
58
|
-
---
|
|
59
|
-
|
|
60
|
-
## Phase 1: Discovery (10 parallel agents)
|
|
61
|
-
|
|
62
|
-
Launch ALL 10 agents IN PARALLEL using the Task tool with \`run_in_background: true\`:
|
|
63
|
-
|
|
64
|
-
**IMPORTANT**: Set \`run_in_background: true\` on ALL Task tool calls to run agents in parallel without blocking.
|
|
65
|
-
|
|
66
|
-
### Agent 1: Security Scanner (Core)
|
|
67
|
-
\`\`\`
|
|
68
|
-
Scan for OWASP Top 10 and common vulnerabilities:
|
|
69
|
-
|
|
70
|
-
INJECTION:
|
|
71
|
-
- SQL injection (string concatenation in queries, raw queries)
|
|
72
|
-
- NoSQL injection (MongoDB $where, $regex with user input)
|
|
73
|
-
- Command injection (exec, spawn, system with user input)
|
|
74
|
-
- LDAP injection, XPath injection
|
|
75
|
-
- Template injection (SSTI in Jinja2, EJS, Handlebars)
|
|
76
|
-
- Header injection (CRLF in headers)
|
|
77
|
-
- Log injection (unescaped user input in logs)
|
|
78
|
-
|
|
79
|
-
XSS:
|
|
80
|
-
- Reflected XSS (user input in response without encoding)
|
|
81
|
-
- Stored XSS (database content rendered without escaping)
|
|
82
|
-
- DOM XSS (innerHTML, document.write, eval with user data)
|
|
83
|
-
- dangerouslySetInnerHTML in React without sanitization
|
|
84
|
-
|
|
85
|
-
AUTHENTICATION:
|
|
86
|
-
- Hardcoded credentials (check git ls-files first!)
|
|
87
|
-
- Weak password policies (no complexity, short length)
|
|
88
|
-
- Missing rate limiting on login/register
|
|
89
|
-
- Session fixation (session ID not rotated after login)
|
|
90
|
-
- JWT issues (none algorithm, weak secret, no expiry)
|
|
91
|
-
- Missing MFA on sensitive operations
|
|
92
|
-
|
|
93
|
-
AUTHORIZATION:
|
|
94
|
-
- IDOR (direct object references without ownership check)
|
|
95
|
-
- Missing authorization checks on endpoints
|
|
96
|
-
- Privilege escalation paths
|
|
97
|
-
- Horizontal access (user A accessing user B's data)
|
|
98
|
-
- Vertical access (user accessing admin functions)
|
|
99
|
-
|
|
100
|
-
CRYPTOGRAPHY:
|
|
101
|
-
- MD5/SHA1 for passwords (use bcrypt/argon2)
|
|
102
|
-
- Math.random() for security (use crypto.randomBytes)
|
|
103
|
-
- Hardcoded encryption keys/IVs
|
|
104
|
-
- ECB mode usage
|
|
105
|
-
- Missing HTTPS enforcement
|
|
106
|
-
|
|
107
|
-
Output JSON: [{id: "SEC-XXX", title, severity, category: "security", file, line, code, description, recommendation, confidence}]
|
|
108
|
-
\`\`\`
|
|
109
|
-
|
|
110
|
-
### Agent 2: Auth & Session Scanner
|
|
111
|
-
\`\`\`
|
|
112
|
-
Deep dive into authentication and session management:
|
|
113
|
-
|
|
114
|
-
SSO/OAUTH:
|
|
115
|
-
- Open redirect in return_url/redirect_uri (CRITICAL!)
|
|
116
|
-
- State parameter missing or predictable
|
|
117
|
-
- PKCE not implemented for public clients
|
|
118
|
-
- Token stored in localStorage (XSS vulnerable)
|
|
119
|
-
- Refresh token rotation missing
|
|
120
|
-
- ID token validation incomplete
|
|
121
|
-
|
|
122
|
-
SESSION:
|
|
123
|
-
- Session ID in URL
|
|
124
|
-
- Session not invalidated on logout
|
|
125
|
-
- Session timeout too long (>24h)
|
|
126
|
-
- Same session across devices without tracking
|
|
127
|
-
- Session data not encrypted
|
|
128
|
-
|
|
129
|
-
COOKIES:
|
|
130
|
-
- Missing Secure flag
|
|
131
|
-
- Missing HttpOnly flag
|
|
132
|
-
- Missing SameSite attribute
|
|
133
|
-
- Overly broad domain/path
|
|
134
|
-
- Sensitive data in cookies
|
|
135
|
-
|
|
136
|
-
PASSWORD RESET:
|
|
137
|
-
- Predictable reset tokens
|
|
138
|
-
- Token not expiring
|
|
139
|
-
- No rate limiting on reset requests
|
|
140
|
-
- User enumeration via reset flow
|
|
141
|
-
- Reset link not single-use
|
|
142
|
-
|
|
143
|
-
Output JSON: [{id: "AUTH-XXX", title, severity, category: "security", file, line, code, description, recommendation, confidence}]
|
|
144
|
-
\`\`\`
|
|
145
|
-
|
|
146
|
-
### Agent 3: API Security Scanner
|
|
147
|
-
\`\`\`
|
|
148
|
-
Scan API endpoints for security issues:
|
|
149
|
-
|
|
150
|
-
INPUT VALIDATION:
|
|
151
|
-
- Missing input validation on request body
|
|
152
|
-
- Type coercion attacks (string vs number)
|
|
153
|
-
- Array/object pollution
|
|
154
|
-
- Prototype pollution
|
|
155
|
-
- Mass assignment vulnerabilities
|
|
156
|
-
- GraphQL introspection enabled in production
|
|
157
|
-
- GraphQL depth/complexity limits missing
|
|
158
|
-
|
|
159
|
-
RATE LIMITING:
|
|
160
|
-
- No rate limiting on expensive operations
|
|
161
|
-
- Rate limit bypass via headers (X-Forwarded-For)
|
|
162
|
-
- Missing rate limiting on auth endpoints
|
|
163
|
-
- No account lockout after failed attempts
|
|
164
|
-
|
|
165
|
-
API DESIGN:
|
|
166
|
-
- Verbose error messages leaking internals
|
|
167
|
-
- Stack traces in production
|
|
168
|
-
- Version information exposed
|
|
169
|
-
- Debug endpoints accessible
|
|
170
|
-
- CORS misconfiguration (wildcard origin with credentials)
|
|
171
|
-
- Missing security headers (CSP, HSTS, X-Frame-Options)
|
|
172
|
-
|
|
173
|
-
WEBHOOKS:
|
|
174
|
-
- Webhook signature not verified
|
|
175
|
-
- SSRF via webhook URLs
|
|
176
|
-
- No webhook replay protection
|
|
177
|
-
- Webhook secrets logged
|
|
178
|
-
|
|
179
|
-
Output JSON: [{id: "API-XXX", title, severity, category: "security", file, line, code, description, recommendation, confidence}]
|
|
180
|
-
\`\`\`
|
|
181
|
-
|
|
182
|
-
### Agent 4: Infrastructure Scanner
|
|
183
|
-
\`\`\`
|
|
184
|
-
Scan infrastructure and deployment configs:
|
|
185
|
-
|
|
186
|
-
DOCKER:
|
|
187
|
-
- Running as root user
|
|
188
|
-
- Secrets in Dockerfile or build args
|
|
189
|
-
- Latest tag usage (unpinned versions)
|
|
190
|
-
- Sensitive ports exposed
|
|
191
|
-
- Missing health checks
|
|
192
|
-
- No resource limits
|
|
193
|
-
- Privileged mode enabled
|
|
194
|
-
- Writable root filesystem
|
|
195
|
-
|
|
196
|
-
KUBERNETES/HELM:
|
|
197
|
-
- No resource limits/requests
|
|
198
|
-
- Running as root
|
|
199
|
-
- Privileged containers
|
|
200
|
-
- Host network/PID enabled
|
|
201
|
-
- Missing network policies
|
|
202
|
-
- Secrets not encrypted at rest
|
|
203
|
-
- No pod security policies/standards
|
|
204
|
-
- Service account auto-mount enabled
|
|
205
|
-
|
|
206
|
-
CI/CD:
|
|
207
|
-
- Secrets in CI config files
|
|
208
|
-
- Credentials in environment variables logged
|
|
209
|
-
- Missing secret scanning in pipeline
|
|
210
|
-
- Deploy keys with write access
|
|
211
|
-
- No branch protection
|
|
212
|
-
- Missing SAST/DAST in pipeline
|
|
213
|
-
|
|
214
|
-
CLOUD:
|
|
215
|
-
- S3 buckets public or misconfigured
|
|
216
|
-
- IAM roles too permissive
|
|
217
|
-
- Security groups too open
|
|
218
|
-
- Logging not enabled
|
|
219
|
-
- Encryption at rest disabled
|
|
220
|
-
|
|
221
|
-
Output JSON: [{id: "INFRA-XXX", title, severity, category: "infrastructure", file, line, code, description, recommendation, confidence}]
|
|
222
|
-
\`\`\`
|
|
223
|
-
|
|
224
|
-
### Agent 5: Data & Privacy Scanner
|
|
225
|
-
\`\`\`
|
|
226
|
-
Scan for data protection and privacy issues:
|
|
227
|
-
|
|
228
|
-
PII HANDLING:
|
|
229
|
-
- PII logged (emails, names, IPs, phone numbers)
|
|
230
|
-
- PII in URLs/query strings
|
|
231
|
-
- PII in error messages
|
|
232
|
-
- PII not encrypted at rest
|
|
233
|
-
- PII not masked in UI/logs
|
|
234
|
-
|
|
235
|
-
GDPR/PRIVACY:
|
|
236
|
-
- Missing data retention policy implementation
|
|
237
|
-
- No data deletion mechanism (right to erasure)
|
|
238
|
-
- No data export mechanism (data portability)
|
|
239
|
-
- Consent not tracked properly
|
|
240
|
-
- Third-party data sharing without consent
|
|
241
|
-
- Cross-border data transfer issues
|
|
242
|
-
|
|
243
|
-
DATABASE:
|
|
244
|
-
- Sensitive data not encrypted (column-level)
|
|
245
|
-
- No audit logging for sensitive operations
|
|
246
|
-
- Backup not encrypted
|
|
247
|
-
- Connection strings with credentials in code
|
|
248
|
-
|
|
249
|
-
SECRETS:
|
|
250
|
-
- API keys in code (check git ls-files!)
|
|
251
|
-
- Secrets in environment files committed
|
|
252
|
-
- Secrets logged
|
|
253
|
-
- Secrets in client-side code
|
|
254
|
-
- Hardcoded tokens/passwords
|
|
255
|
-
- .env files not in .gitignore
|
|
256
|
-
|
|
257
|
-
Output JSON: [{id: "DATA-XXX", title, severity, category: "privacy", file, line, code, description, recommendation, confidence}]
|
|
258
|
-
\`\`\`
|
|
259
|
-
|
|
260
|
-
### Agent 6: AI/LLM Security Scanner
|
|
261
|
-
\`\`\`
|
|
262
|
-
Scan for AI/LLM specific vulnerabilities:
|
|
263
|
-
|
|
264
|
-
PROMPT INJECTION:
|
|
265
|
-
- User input directly in prompts without sanitization
|
|
266
|
-
- System prompts exposed to users
|
|
267
|
-
- Prompt leakage via error messages
|
|
268
|
-
- No input length limits on prompts
|
|
269
|
-
- Missing output validation from LLM
|
|
270
|
-
- Jailbreak vulnerabilities
|
|
271
|
-
|
|
272
|
-
DATA LEAKAGE:
|
|
273
|
-
- Training data in responses
|
|
274
|
-
- PII in AI context
|
|
275
|
-
- Conversation history not cleared
|
|
276
|
-
- AI accessing unauthorized data
|
|
277
|
-
- Model output not sanitized
|
|
278
|
-
|
|
279
|
-
SUPPLY CHAIN:
|
|
280
|
-
- CDN imports without Subresource Integrity (SRI)
|
|
281
|
-
- Unpinned AI model versions
|
|
282
|
-
- External AI APIs without TLS verification
|
|
283
|
-
- Model files from untrusted sources
|
|
284
|
-
|
|
285
|
-
RESOURCE:
|
|
286
|
-
- No token limits on AI calls
|
|
287
|
-
- Missing rate limiting on AI endpoints
|
|
288
|
-
- Cost explosion attacks (large inputs)
|
|
289
|
-
- Denial of service via AI
|
|
290
|
-
|
|
291
|
-
BUSINESS LOGIC:
|
|
292
|
-
- AI bypassing business rules
|
|
293
|
-
- AI making unauthorized decisions
|
|
294
|
-
- Content filter bypasses
|
|
295
|
-
- AI output directly executed (code injection)
|
|
296
|
-
|
|
297
|
-
Output JSON: [{id: "AI-XXX", title, severity, category: "ai-security", file, line, code, description, recommendation, confidence}]
|
|
298
|
-
\`\`\`
|
|
299
|
-
|
|
300
|
-
### Agent 7: Performance & DoS Scanner
|
|
301
|
-
\`\`\`
|
|
302
|
-
Scan for performance issues and DoS vectors:
|
|
303
|
-
|
|
304
|
-
DATABASE:
|
|
305
|
-
- N+1 query patterns
|
|
306
|
-
- Missing indexes on filtered/sorted columns
|
|
307
|
-
- Full table scans
|
|
308
|
-
- Unbounded queries (no LIMIT)
|
|
309
|
-
- Connection pool exhaustion
|
|
310
|
-
- Long-running transactions
|
|
311
|
-
|
|
312
|
-
MEMORY:
|
|
313
|
-
- Memory leaks (event listeners not removed)
|
|
314
|
-
- Unbounded caches
|
|
315
|
-
- Large object accumulation
|
|
316
|
-
- Buffer handling issues
|
|
317
|
-
- Stream not properly closed
|
|
318
|
-
- SSE/WebSocket buffer accumulation
|
|
319
|
-
|
|
320
|
-
CPU:
|
|
321
|
-
- ReDoS (Regular Expression DoS)
|
|
322
|
-
- Algorithmic complexity attacks
|
|
323
|
-
- Synchronous crypto operations
|
|
324
|
-
- JSON parsing of large payloads
|
|
325
|
-
- XML parsing without limits (billion laughs)
|
|
326
|
-
|
|
327
|
-
NETWORK:
|
|
328
|
-
- No timeout on external calls
|
|
329
|
-
- Missing circuit breakers
|
|
330
|
-
- Retry storms
|
|
331
|
-
- No backpressure handling
|
|
332
|
-
- Connection leaks
|
|
333
|
-
|
|
334
|
-
RESOURCE EXHAUSTION:
|
|
335
|
-
- File upload without size limits
|
|
336
|
-
- Zip bomb potential
|
|
337
|
-
- Unbounded pagination
|
|
338
|
-
- Missing request size limits
|
|
339
|
-
- Too many concurrent connections
|
|
340
|
-
|
|
341
|
-
Output JSON: [{id: "PERF-XXX", title, severity, category: "performance", file, line, code, description, recommendation, confidence}]
|
|
342
|
-
\`\`\`
|
|
343
|
-
|
|
344
|
-
### Agent 8: Business Logic Scanner
|
|
345
|
-
\`\`\`
|
|
346
|
-
Scan for business logic vulnerabilities:
|
|
347
|
-
|
|
348
|
-
RACE CONDITIONS:
|
|
349
|
-
- TOCTOU (time-of-check-time-of-use)
|
|
350
|
-
- Double-spend in transactions
|
|
351
|
-
- Inventory overselling
|
|
352
|
-
- Concurrent booking conflicts
|
|
353
|
-
- Non-atomic read-modify-write
|
|
354
|
-
|
|
355
|
-
WORKFLOW:
|
|
356
|
-
- Step skipping in multi-step processes
|
|
357
|
-
- State manipulation attacks
|
|
358
|
-
- Order of operations bypass
|
|
359
|
-
- Workflow replay attacks
|
|
360
|
-
|
|
361
|
-
FINANCIAL:
|
|
362
|
-
- Rounding errors in calculations
|
|
363
|
-
- Currency handling issues
|
|
364
|
-
- Negative amount bypass
|
|
365
|
-
- Discount stacking exploits
|
|
366
|
-
- Price manipulation
|
|
367
|
-
|
|
368
|
-
ACCESS CONTROL:
|
|
369
|
-
- Role hierarchy bypass
|
|
370
|
-
- Feature flag manipulation
|
|
371
|
-
- Subscription level bypass
|
|
372
|
-
- Time-based access bypass
|
|
373
|
-
|
|
374
|
-
DATA INTEGRITY:
|
|
375
|
-
- Missing referential integrity
|
|
376
|
-
- Orphaned records possible
|
|
377
|
-
- Data inconsistency between services
|
|
378
|
-
- Missing transaction boundaries
|
|
379
|
-
|
|
380
|
-
Output JSON: [{id: "BIZ-XXX", title, severity, category: "business-logic", file, line, code, description, recommendation, confidence}]
|
|
381
|
-
\`\`\`
|
|
382
|
-
|
|
383
|
-
### Agent 9: Code Quality Scanner
|
|
384
|
-
\`\`\`
|
|
385
|
-
Scan for code quality and maintainability issues:
|
|
386
|
-
|
|
387
|
-
COMPLEXITY:
|
|
388
|
-
- Cyclomatic complexity > 10
|
|
389
|
-
- Functions > 50 lines
|
|
390
|
-
- Files > 500 lines
|
|
391
|
-
- Deep nesting (> 4 levels)
|
|
392
|
-
- Too many parameters (> 5)
|
|
393
|
-
|
|
394
|
-
DRY VIOLATIONS:
|
|
395
|
-
- Duplicated code blocks (> 10 lines)
|
|
396
|
-
- Copy-paste code with minor changes
|
|
397
|
-
- Similar functions that should be unified
|
|
398
|
-
|
|
399
|
-
ANTI-PATTERNS:
|
|
400
|
-
- God objects/classes
|
|
401
|
-
- Callback hell
|
|
402
|
-
- Magic numbers/strings
|
|
403
|
-
- Dead code
|
|
404
|
-
- Unused imports/variables
|
|
405
|
-
- Any type overuse (TypeScript)
|
|
406
|
-
- Console.log in production
|
|
407
|
-
- TODO/FIXME comments in production
|
|
408
|
-
|
|
409
|
-
ERROR HANDLING:
|
|
410
|
-
- Empty catch blocks
|
|
411
|
-
- Generic error swallowing
|
|
412
|
-
- Missing error boundaries (React)
|
|
413
|
-
- Unhandled promise rejections
|
|
414
|
-
- Missing finally blocks for cleanup
|
|
415
|
-
|
|
416
|
-
NAMING:
|
|
417
|
-
- Inconsistent naming conventions
|
|
418
|
-
- Misleading names
|
|
419
|
-
- Single letter variables (except i,j,k)
|
|
420
|
-
- Abbreviations without context
|
|
421
|
-
|
|
422
|
-
Output JSON: [{id: "QUAL-XXX", title, severity, category: "quality", file, line, code, description, recommendation, confidence}]
|
|
423
|
-
\`\`\`
|
|
424
|
-
|
|
425
|
-
### Agent 10: Testing & Reliability Scanner
|
|
426
|
-
\`\`\`
|
|
427
|
-
Scan for testing gaps and reliability issues:
|
|
428
|
-
|
|
429
|
-
TEST COVERAGE:
|
|
430
|
-
- Critical paths without tests (auth, payments, data access)
|
|
431
|
-
- Error handlers not tested
|
|
432
|
-
- Edge cases not covered
|
|
433
|
-
- No integration tests
|
|
434
|
-
- No E2E tests for main flows
|
|
435
|
-
|
|
436
|
-
TEST QUALITY:
|
|
437
|
-
- Tests without assertions
|
|
438
|
-
- Mocked security checks (dangerous!)
|
|
439
|
-
- Flaky tests (time-dependent)
|
|
440
|
-
- Tests with hardcoded data that can expire
|
|
441
|
-
- Missing negative tests (what should fail)
|
|
442
|
-
|
|
443
|
-
RELIABILITY:
|
|
444
|
-
- Missing health checks
|
|
445
|
-
- No graceful shutdown
|
|
446
|
-
- Missing readiness/liveness probes
|
|
447
|
-
- No circuit breakers for external calls
|
|
448
|
-
- Missing retry logic with backoff
|
|
449
|
-
- No fallback mechanisms
|
|
450
|
-
|
|
451
|
-
OBSERVABILITY:
|
|
452
|
-
- Missing structured logging
|
|
453
|
-
- No correlation IDs
|
|
454
|
-
- Missing metrics collection
|
|
455
|
-
- No distributed tracing
|
|
456
|
-
- Errors not properly categorized
|
|
457
|
-
|
|
458
|
-
DEPLOYMENT:
|
|
459
|
-
- No feature flags for risky changes
|
|
460
|
-
- Missing rollback mechanism
|
|
461
|
-
- No canary/blue-green deployment
|
|
462
|
-
- Database migrations not reversible
|
|
463
|
-
|
|
464
|
-
Output JSON: [{id: "TEST-XXX", title, severity, category: "testing", file, line, code, description, recommendation, confidence}]
|
|
465
|
-
\`\`\`
|
|
466
|
-
|
|
467
|
-
---
|
|
468
|
-
|
|
469
|
-
## Phase 2: Cross-Validation (3 parallel validators)
|
|
470
|
-
|
|
471
|
-
Wait for all Phase 1 background agents to complete using \`AgentOutputTool\`.
|
|
472
|
-
|
|
473
|
-
Then launch 3 validators IN PARALLEL with \`run_in_background: true\`:
|
|
474
|
-
|
|
475
|
-
### Validator A: False Positive Hunter
|
|
476
|
-
\`\`\`
|
|
477
|
-
Review ALL findings from Phase 1. For each finding:
|
|
478
|
-
1. Read the actual code file
|
|
479
|
-
2. Check if there are mitigating controls elsewhere
|
|
480
|
-
3. For secrets: run "git ls-files <file>" - if not tracked, mark FALSE POSITIVE
|
|
481
|
-
4. Check if code is actually reachable in production
|
|
482
|
-
5. Verify the context (is it test code? example code? disabled feature?)
|
|
483
|
-
|
|
484
|
-
Output: { confirmed: ["SEC-001",...], falsePositives: [{id, reason},...] }
|
|
485
|
-
\`\`\`
|
|
486
|
-
|
|
487
|
-
### Validator B: Evidence Challenger
|
|
488
|
-
\`\`\`
|
|
489
|
-
Challenge every HIGH and CRITICAL finding:
|
|
490
|
-
1. Read the actual code with 20 lines of context
|
|
491
|
-
2. Trace data flow from source to sink
|
|
492
|
-
3. Check for sanitization/validation in between
|
|
493
|
-
4. Verify the exploit scenario is realistic
|
|
494
|
-
5. Consider the deployment environment
|
|
495
|
-
6. Check if it's actually exploitable in production
|
|
496
|
-
|
|
497
|
-
Output: { confirmed: ["SEC-001",...], falsePositives: [{id, reason},...] }
|
|
498
|
-
\`\`\`
|
|
499
|
-
|
|
500
|
-
### Validator C: Missing Issues Hunter
|
|
501
|
-
\`\`\`
|
|
502
|
-
Look for issues that Phase 1 agents MISSED:
|
|
503
|
-
- Race conditions in critical operations
|
|
504
|
-
- Business logic flaws specific to this application
|
|
505
|
-
- Edge cases (empty input, null, undefined, max length)
|
|
506
|
-
- Integration point vulnerabilities
|
|
507
|
-
- Configuration issues for specific environment
|
|
508
|
-
- Combination attacks (multiple low issues = high)
|
|
509
|
-
|
|
510
|
-
Output: { missedIssues: [{id, title, severity, file, line, description, recommendation},...] }
|
|
511
|
-
\`\`\`
|
|
512
|
-
|
|
513
|
-
---
|
|
514
|
-
|
|
515
|
-
## Phase 3: Build Consensus
|
|
516
|
-
|
|
517
|
-
Wait for all Phase 2 background validators to complete using \`AgentOutputTool\`.
|
|
518
|
-
|
|
519
|
-
Combine all results:
|
|
520
|
-
1. Calculate confidence: (confirmations / validators) * 100
|
|
521
|
-
2. Remove findings with confidence < 50%
|
|
522
|
-
3. Add missed issues from Validator C
|
|
523
|
-
4. Identify positive observations (good patterns found)
|
|
524
|
-
|
|
525
|
-
---
|
|
526
|
-
|
|
527
|
-
## Phase 4: Generate Report
|
|
528
|
-
|
|
529
|
-
**DO NOT ASK - JUST OVERWRITE THE FILE!**
|
|
530
|
-
|
|
531
|
-
Update \`.coverme/scan.json\` with the scan results. Overwrite any existing content without asking:
|
|
532
|
-
|
|
533
|
-
- **projectName**: from package.json or folder name
|
|
534
|
-
- **scanDate**: today's date
|
|
535
|
-
- **findings**: array of issues found (each with id, title, severity, category, file, line, description, code, recommendation, confidence)
|
|
536
|
-
- **positiveObservations**: array of good patterns found
|
|
537
|
-
- **scanDuration**: time taken in ms
|
|
538
|
-
- **agentCount**: 7
|
|
539
|
-
|
|
540
|
-
Use the Write tool to overwrite \`.coverme/scan.json\` with the results. Do not ask for confirmation.
|
|
541
|
-
|
|
542
|
-
---
|
|
543
|
-
|
|
544
|
-
## Phase 5: Generate HTML Report
|
|
545
|
-
|
|
546
|
-
**DO NOT ASK - JUST RUN THE COMMANDS!**
|
|
547
|
-
|
|
548
|
-
Generate the HTML report and open it automatically:
|
|
549
|
-
\`\`\`bash
|
|
550
|
-
TIMESTAMP=$(date +%Y-%m-%d_%H-%M-%S)
|
|
551
|
-
npx coverme-scanner report .coverme/scan.json -f html -o ".coverme/report_$TIMESTAMP.html"
|
|
552
|
-
cp .coverme/scan.json ".coverme/scan_$TIMESTAMP.json"
|
|
553
|
-
open ".coverme/report_$TIMESTAMP.html"
|
|
554
|
-
\`\`\`
|
|
555
|
-
|
|
556
|
-
Run these commands without asking for permission.
|
|
557
|
-
|
|
558
|
-
---
|
|
559
|
-
|
|
560
|
-
## DONE
|
|
561
|
-
|
|
562
|
-
Tell the user: "Scan complete! Report saved to .coverme/ and opened in browser."
|
|
563
|
-
|
|
564
|
-
**REMINDER: You should have completed all 5 phases without asking ANY questions or stopping for confirmation.**
|
|
565
|
-
`;
|
|
566
40
|
async function init(options) {
|
|
567
41
|
const targetDir = options.global
|
|
568
42
|
? path.join(os.homedir(), '.claude', 'commands')
|
|
569
43
|
: path.join(process.cwd(), '.claude', 'commands');
|
|
570
|
-
console.log(`Installing
|
|
44
|
+
console.log(`Installing CoverMe v4.0 commands to: ${targetDir}`);
|
|
571
45
|
// Create directory if needed
|
|
572
46
|
if (!fs.existsSync(targetDir)) {
|
|
573
47
|
fs.mkdirSync(targetDir, { recursive: true });
|
|
@@ -581,11 +55,17 @@ async function init(options) {
|
|
|
581
55
|
console.log(`Use --force to overwrite.`);
|
|
582
56
|
}
|
|
583
57
|
else {
|
|
584
|
-
//
|
|
58
|
+
// Read from package's distributed file - this is the ONLY source
|
|
585
59
|
const distCommandPath = path.join(__dirname, '..', 'prompts', 'coverme-command.md');
|
|
586
|
-
|
|
587
|
-
|
|
588
|
-
|
|
60
|
+
if (!fs.existsSync(distCommandPath)) {
|
|
61
|
+
console.error(`ERROR: Command file not found at ${distCommandPath}`);
|
|
62
|
+
console.error(`This is a packaging error. Please reinstall: npm install -g coverme-scanner@latest`);
|
|
63
|
+
process.exit(1);
|
|
64
|
+
}
|
|
65
|
+
const commandContent = fs.readFileSync(distCommandPath, 'utf-8');
|
|
66
|
+
// Verify it's the latest version
|
|
67
|
+
if (!commandContent.includes('33 specialized agents')) {
|
|
68
|
+
console.warn(`WARNING: Command file may be outdated. Please reinstall: npm install -g coverme-scanner@latest --force`);
|
|
589
69
|
}
|
|
590
70
|
fs.writeFileSync(commandPath, commandContent);
|
|
591
71
|
console.log(`${options.force ? 'Updated' : 'Created'}: ${commandPath}`);
|
|
@@ -596,6 +76,12 @@ async function init(options) {
|
|
|
596
76
|
fs.mkdirSync(covermeDir, { recursive: true });
|
|
597
77
|
console.log(`Created: ${covermeDir}/`);
|
|
598
78
|
}
|
|
79
|
+
// Create .coverme/agents directory for agent outputs
|
|
80
|
+
const agentsDir = path.join(covermeDir, 'agents');
|
|
81
|
+
if (!fs.existsSync(agentsDir)) {
|
|
82
|
+
fs.mkdirSync(agentsDir, { recursive: true });
|
|
83
|
+
console.log(`Created: ${agentsDir}/`);
|
|
84
|
+
}
|
|
599
85
|
// Create scan.json template
|
|
600
86
|
const scanJsonPath = path.join(covermeDir, 'scan.json');
|
|
601
87
|
if (!fs.existsSync(scanJsonPath)) {
|
|
@@ -605,7 +91,7 @@ async function init(options) {
|
|
|
605
91
|
findings: [],
|
|
606
92
|
positiveObservations: [],
|
|
607
93
|
scanDuration: 0,
|
|
608
|
-
agentCount:
|
|
94
|
+
agentCount: 33
|
|
609
95
|
};
|
|
610
96
|
fs.writeFileSync(scanJsonPath, JSON.stringify(scanTemplate, null, 2));
|
|
611
97
|
console.log(`Created: ${scanJsonPath}`);
|
|
@@ -635,6 +121,7 @@ async function init(options) {
|
|
|
635
121
|
allow: [
|
|
636
122
|
// Basic file operations
|
|
637
123
|
"Bash(mkdir:*)",
|
|
124
|
+
"Bash(rm:*)",
|
|
638
125
|
"Bash(ls:*)",
|
|
639
126
|
"Bash(cat:*)",
|
|
640
127
|
"Bash(cp:*)",
|
|
@@ -656,11 +143,10 @@ async function init(options) {
|
|
|
656
143
|
"Bash(date:*)",
|
|
657
144
|
"Bash(echo:*)",
|
|
658
145
|
// Report generation
|
|
146
|
+
"Bash(coverme:*)",
|
|
659
147
|
"Bash(npx coverme*:*)",
|
|
660
148
|
"Bash(npx coverme-scanner*:*)",
|
|
661
149
|
"Bash(open:*)",
|
|
662
|
-
// SSH for runtime verification
|
|
663
|
-
"Bash(ssh:*)",
|
|
664
150
|
// .coverme directory access
|
|
665
151
|
"Read(.coverme/*)",
|
|
666
152
|
"Write(.coverme/*)",
|
|
@@ -693,35 +179,36 @@ async function init(options) {
|
|
|
693
179
|
console.log(`Created/updated: ${settingsPath} with coverme permissions`);
|
|
694
180
|
console.log(`
|
|
695
181
|
================================================================================
|
|
696
|
-
|
|
182
|
+
COVERME v4.0 INSTALLED
|
|
697
183
|
================================================================================
|
|
698
184
|
|
|
185
|
+
33 Security Agents including 9 AI-code-specific detectors
|
|
186
|
+
|
|
699
187
|
Usage:
|
|
700
188
|
1. Open Claude Code in your project
|
|
701
189
|
2. Type /coverme and press Enter
|
|
702
|
-
3. Wait for the scan to complete
|
|
703
|
-
4.
|
|
190
|
+
3. Wait for the scan to complete
|
|
191
|
+
4. PDF report opens automatically
|
|
704
192
|
|
|
705
193
|
What it scans:
|
|
706
194
|
- Security (SEC): OWASP Top 10, injection, XSS, crypto
|
|
707
195
|
- Authentication (AUTH): JWT, OAuth, sessions, passwords
|
|
708
196
|
- API Security (API): Input validation, rate limiting, CORS
|
|
709
197
|
- Infrastructure (INFRA): Docker, K8s, CI/CD, secrets
|
|
198
|
+
- AI Code Detection: Assumptions, trust boundaries, silent failures
|
|
710
199
|
- Business Logic (BIZ): Race conditions, authorization
|
|
711
|
-
- Code Quality (QUAL): Dead code, test coverage
|
|
712
200
|
|
|
713
|
-
|
|
714
|
-
-
|
|
715
|
-
-
|
|
716
|
-
-
|
|
717
|
-
-
|
|
718
|
-
-
|
|
201
|
+
NEW in v4.0 - AI-Generated Code Detection:
|
|
202
|
+
- ASSUME: Dangerous assumptions (data!, as any)
|
|
203
|
+
- TRUST: Trust boundary violations
|
|
204
|
+
- SILENT: Silent error handling
|
|
205
|
+
- LOGICGAP: Logic gaps (if (!x) return;)
|
|
206
|
+
- AISTYLE: AI code style heuristics
|
|
207
|
+
- ADVERSARIAL: Systemic weakness review
|
|
719
208
|
|
|
720
209
|
Reports saved to: .coverme/
|
|
721
210
|
- scan.json (raw data)
|
|
722
|
-
-
|
|
723
|
-
|
|
724
|
-
The .coverme/ folder is automatically added to .gitignore
|
|
211
|
+
- security-report-YYYY-MM-DD.pdf (PDF report)
|
|
725
212
|
|
|
726
213
|
================================================================================
|
|
727
214
|
`);
|
package/dist/cli/init.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.js","sourceRoot":"","sources":["../../src/cli/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"init.js","sourceRoot":"","sources":["../../src/cli/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AASA,oBA+LC;AAxMD,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AAOlB,KAAK,UAAU,IAAI,CAAC,OAAoB;IAC7C,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM;QAC9B,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,UAAU,CAAC;QAChD,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAEpD,OAAO,CAAC,GAAG,CAAC,wCAAwC,SAAS,EAAE,CAAC,CAAC;IAEjE,6BAA6B;IAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,sBAAsB,SAAS,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,0BAA0B;IAC1B,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IAEvD,iDAAiD;IACjD,IAAI,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,wBAAwB,WAAW,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAC3C,CAAC;SAAM,CAAC;QACN,iEAAiE;QACjE,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,oBAAoB,CAAC,CAAC;QAEpF,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACpC,OAAO,CAAC,KAAK,CAAC,oCAAoC,eAAe,EAAE,CAAC,CAAC;YACrE,OAAO,CAAC,KAAK,CAAC,oFAAoF,CAAC,CAAC;YACpG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,cAAc,GAAG,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAEjE,iCAAiC;QACjC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EAAE,CAAC;YACtD,OAAO,CAAC,IAAI,CAAC,wGAAwG,CAAC,CAAC;QACzH,CAAC;QAED,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,KAAK,WAAW,EAAE,CAAC,CAAC;IAC1E,CAAC;IAED,wCAAwC;IACxC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;IACxD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,YAAY,UAAU,GAAG,CAAC,CAAC;IACzC,CAAC;IAED,qDAAqD;IACrD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAClD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,YAAY,SAAS,GAAG,CAAC,CAAC;IACxC,CAAC;IAED,4BAA4B;IAC5B,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IACxD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,MAAM,YAAY,GAAG;YACnB,WAAW,EAAE,EAAE;YACf,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,EAAE;YACZ,oBAAoB,EAAE,EAAE;YACxB,YAAY,EAAE,CAAC;YACf,UAAU,EAAE,EAAE;SACf,CAAC;QACF,EAAE,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACtE,OAAO,CAAC,GAAG,CAAC,YAAY,YAAY,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,kDAAkD;IAClD,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,YAAY,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,uCAAuC,CAAC;IAE9D,IAAI,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QACjC,MAAM,gBAAgB,GAAG,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACjE,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3C,EAAE,CAAC,cAAc,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;YAChD,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC;SAAM,CAAC;QACN,EAAE,CAAC,aAAa,CAAC,aAAa,EAAE,aAAa,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACnD,CAAC;IAED,kEAAkE;IAClE,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,SAAS,CAAC,CAAC;IACxD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAChC,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,qBAAqB,CAAC,CAAC;IACnE,MAAM,kBAAkB,GAAG;QACzB,WAAW,EAAE;YACX,KAAK,EAAE;gBACL,wBAAwB;gBACxB,eAAe;gBACf,YAAY;gBACZ,YAAY;gBACZ,aAAa;gBACb,YAAY;gBACZ,cAAc;gBACd,cAAc;gBACd,YAAY;gBACZ,uBAAuB;gBACvB,cAAc;gBACd,cAAc;gBACd,cAAc;gBACd,eAAe;gBACf,iBAAiB;gBACjB,sBAAsB;gBACtB,iBAAiB;gBACjB,oBAAoB;gBACpB,kBAAkB;gBAClB,0BAA0B;gBAC1B,iBAAiB;gBACjB,cAAc;gBACd,cAAc;gBACd,oBAAoB;gBACpB,iBAAiB;gBACjB,sBAAsB;gBACtB,8BAA8B;gBAC9B,cAAc;gBACd,4BAA4B;gBAC5B,kBAAkB;gBAClB,mBAAmB;gBACnB,kBAAkB;aACnB;SACF;KACF,CAAC;IAEF,0CAA0C;IAC1C,IAAI,gBAAgB,GAAQ,EAAE,CAAC;IAC/B,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAChC,IAAI,CAAC;YACH,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;QACxE,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,sCAAsC;QACxC,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,cAAc,GAAG;QACrB,GAAG,gBAAgB;QACnB,WAAW,EAAE;YACX,GAAG,gBAAgB,CAAC,WAAW;YAC/B,KAAK,EAAE;gBACL,GAAG,CAAC,gBAAgB,CAAC,WAAW,EAAE,KAAK,IAAI,EAAE,CAAC;gBAC9C,GAAG,kBAAkB,CAAC,WAAW,CAAC,KAAK;aACxC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;SACpD;KACF,CAAC;IAEF,EAAE,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACxE,OAAO,CAAC,GAAG,CAAC,oBAAoB,YAAY,2BAA2B,CAAC,CAAC;IAEzE,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAkCb,CAAC,CAAC;AACH,CAAC"}
|
|
@@ -566,43 +566,18 @@ Return ONLY: "done"
|
|
|
566
566
|
|
|
567
567
|
---
|
|
568
568
|
|
|
569
|
-
## Phase 3:
|
|
569
|
+
## Phase 3: Generate PDF Report (NO JSON NEEDED)
|
|
570
570
|
|
|
571
|
-
**
|
|
571
|
+
**Run this single command - it handles everything:**
|
|
572
572
|
|
|
573
|
-
1. Read agent files in PARALLEL:
|
|
574
573
|
```bash
|
|
575
|
-
|
|
574
|
+
coverme --scan . --output security-report-$(date +%Y-%m-%d).pdf && open security-report-$(date +%Y-%m-%d).pdf
|
|
576
575
|
```
|
|
577
576
|
|
|
578
|
-
|
|
579
|
-
```json
|
|
580
|
-
{
|
|
581
|
-
"projectName": "PROJECT_NAME",
|
|
582
|
-
"scanDate": "DATE",
|
|
583
|
-
"findings": [/* max 30 findings, critical/high first */],
|
|
584
|
-
"summary": {"critical":N,"high":N,"medium":N,"low":N}
|
|
585
|
-
}
|
|
586
|
-
```
|
|
587
|
-
|
|
588
|
-
3. **Write scan.json using Write tool** - keep it under 50KB!
|
|
589
|
-
- Max 30 findings total
|
|
590
|
-
- Max 100 chars per code snippet
|
|
591
|
-
- No duplicate findings
|
|
592
|
-
|
|
593
|
-
---
|
|
594
|
-
|
|
595
|
-
## Phase 4: Generate PDF Report
|
|
596
|
-
|
|
597
|
-
**Run this IMMEDIATELY after writing scan.json:**
|
|
598
|
-
|
|
599
|
-
```bash
|
|
600
|
-
coverme .coverme/scan.json security-report-$(date +%Y-%m-%d).pdf && open security-report-$(date +%Y-%m-%d).pdf
|
|
601
|
-
```
|
|
602
|
-
|
|
603
|
-
If that fails, try:
|
|
577
|
+
If that doesn't work, use the legacy method:
|
|
604
578
|
```bash
|
|
605
|
-
|
|
579
|
+
coverme .coverme/scan.json security-report.pdf 2>/dev/null || npx coverme-scanner .coverme/scan.json security-report.pdf
|
|
580
|
+
open security-report.pdf
|
|
606
581
|
```
|
|
607
582
|
|
|
608
583
|
---
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "coverme-scanner",
|
|
3
|
-
"version": "4.0.
|
|
3
|
+
"version": "4.0.4",
|
|
4
4
|
"description": "AI-powered security scanner with 33 agents including AI-generated code detection. STRIDE/DREAD scoring, adversarial review, professional PDF reports.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|